No plans to mass compromise accounts on other sites, post says.

Share this story

The group that hacked MacRumors Forums and made off with password data for more than 860,000 users has no plans to use it to mass compromise the accounts of people who use the same login credentials on other sites.

The pledge was made in this post by a user who supplied confidential password details that weren't publicly available. Among other things, that information included partial cryptographic hash corresponding to the password of MacRumors Editorial Director Arnold Kim, as well as the cryptographic salt used to increase the time required to crack it. Kim told Ars that those and other confidential details included in the post were "legit." The user went on to defend the hack as a benign undertaking designed to sharpen the skills of both the hacker and the MacRumors administrators.

"We're not logging in to your gmails, apple accounts, or even your yahoo accounts (unless we target you specifically for some unrelated reason)," the user known simply as Lol wrote. "We're not terrorists. Stop worrying, and stop blaming it on Macrumors when it was your own fault for reusing passwords in the first place."

He continued: "Consider the 'malicious' attack friendly. The situation could have been catastrophically worse if some fame-driven idiot was the culprit and the database were to be leaked to the public."

In subsequent posts here and here, Lol expanded on the thinking behind the hack. "Outside of this hobby, *cough*, I do partake in whitehat activities and try to contribute to some open source projects etc. It builds quite the resumé." The MacRumors breach, Lol added, was taken on "to test myself. I never defaced the site, I never bragged about it anywhere, I just got in and got out."

Lol went on to counter speculation that the hack was the result of exploiting one or more vulnerabilities in VBulletin, the open-source fee-based software that powered the MacRumors forums.

"The fault lied [sic] within a single moderator," the post stated. "All of you kids that are saying upgrade from 3.x to 4.x or 5.x have no idea what you're talking about."

Lol confirmed that the MacRumors password hashes totaled 860,106. Interestingly, more than half of them contained a cryptographic salt that had a length of just three "bits," although I'm guessing Lol really meant "bytes," which would mean each one contained just three characters.

Salts are pseudo-random strings that are appended to the plain text of passwords before they are run through a one-way hash function. Salting is designed to increase the time it takes to crack large numbers of hashes by requiring the attacker to make guesses against each hash individually instead of all at once. (Salting also prevents cracking through the use of rainbow tables, although in the age of video cards and efficient dictionary attacks made possible by Hashcat and other free cracking programs, few people use that method anymore.) To be truly effective, salts must be unique for every hash, something that generally isn't possible with a three-byte salt.

"Anyone that'd been active recently will have a longer salt, which will slow down the hash cracking by a fraction of the time it would have taken (duplicate salts = less work [to] do, it's like to have many with a 3 bit salt)," Lol wrote. "We're not 'mass cracking' the hashes. It doesn't take long whatsoever to run a hash through hashcat with a few dictionaries and salts and get results."

While the confidential details included in the post proves the writer has insider knowledge into the hack, readers are advised to maintain a healthy skepticism of all remaining claims. For instance, counter to Lol's claims, there's no way right now to be sure the hack wasn't executed by exploiting a VBulletin vulnerability. And of course, MacRumors account holders shouldn't take the word of an admitted trespasser that their accounts on other sites won't be accessed.

Story updated to add the last paragraph, clarify bits and bytes earlier.

Interestingly, more than half of them contained a cryptographic salt that had a length of just three bits

Ok, I realize that even the source mentions "three bits," but that has to be a typo or a mistake in lieu of "three bytes" or three multi-byte words/characters. Or please tell me it's just supposed to refer to three bits of entropy at least (which would be fairly horrifically bad even then).

Hacking LinkedIn was something that could have resulted in real damage to my reputation. I changed a marginally good password and made it something so hard to remember and type correctly that I was forced to start using a password manager. Today every email account and site that I deem worthy of protection has a unique strong passphrase.

Hacking MacRumors, on the other hand, was a reminder of why I reused the same simple password for all forums: anyone posting as me would likely get more up votes than I do

Adobe had an old system compromised before it was deactivated.Macrumors had old/inactive users with 3-byte salt (easy to crack), while newer/active users had been updated to use 30-byte salts.

Interesting dilemma; Macrumors could have deleted, deactivated (requiring password reset upon logon) or initiated a password reset at any point in time to either "upgrade" or delete all accounts with 3-byte salts.

"We've upgraded your account for free to higher security and more options! Come take a look!"

When user logs in: auth user via old salt, re-save in db with new salt method. User doesn't even need to know anything happened (although ideally you would have them update to a new password during this process, just in case).

Case 2:

Migration table: encode any hashed passwords using the old salts with new salts (double hashing). Save both salts (any "old" passwords will now have to be hashed against their old salt, then re-hashed against their new salt when logging in to authenticate them), see above for when the user finally does log in to get rid of the old salt.

While you're doing it, go ahead and switch to bcrypt/scrypt.

Crypto itself is fairly hard. Deploying decent crypto is actually not (and you still shouldn't roll your own where it can be avoided, because mistakes or bad research happen).

A 3 byte salt is only a problem if hundreds of other people on macrumors.com have the same password as you have. If that's the case, then you have a really bad password and will be cracked no matter how large the salt is.